Troubleshooting: Logon Duration – Domain Controller Networking


End-Users complaing on slow logon issues.

Identifying Root Cause

When trying to identify the root cause of a Citrix end user experience issue, the main display to  view all of the Citrix user sessions is the XenApp & XenDesktop session display. To access this display, click View then XenApp & XenDesktop. This page is divided into three areas: App Servers and Published App & Desktops (for Citrix XenApp environments) and Virtual Desktops (for XenDesktop environments). You’ll want to navigate to the applicable section for your environment (Published App & Desktop or Virtual Desktops) to troubleshoot further.

These displays include user session data (both past and present), and allow you to track the complete user experience through the environment, from the login at the endpoint, all the way through the environment back to the underlying infrastructure, and present these data points over the course of the session so you can troubleshoot any issue that takes place during a user’s session.

In the case of logon duration and the issue where long logons are occurring widespread, you’ll want to use the search button at the bottom of the page to filter the page to match a time period that you’ll want to focus in on.

Once the page is filtered, you will see the sessions with high logons by sorting the page by the Logon column. Once the page is sorted, you can then use the other columns on the page like Machine NameUsernameGroup Name and Start Time to confirm whether or not any patterns can be identified outside of high logon duration. For example, when widespread issue are occurring it can be good to note the client address to identify if all of the users are connecting from the same locations.

To analyze the 33+ stages of the users logon process, you can click on any of the user sessions to drill into the session metrics. Once you’ve drilled down, click the Logon Duration tab. This tab is divided into three vertical sections. The top section displays the logon summary showing the high-level stages of the overall logon process, and the next two sections break down the details of what is happening in the brokering stages and the launch of the session on the App Server or VDI.

The brokering stages in the middle of the dialog enable you to identify slowness due to Citrix Delivery Controller brokering issues including Authentication, Logon Script, Profile Load time, delays in Windows session creation on the session host. On the client side, you can identify delays in establishing the micro-VPN connection, receiver launch, ICA file download, and more.

At the bottom of the dialog each stage of the logon process at the session host process is displayed including authentication at the domain controller, determining how long it took to copy over the policy files to the session host, logon script execution, drive mapping, printer mapping, and folder redirection. Each policy and script which is executed is included in this stage.

Figure 1 – Session dialog – Logon Duration tab 

When you have many users in the environment complaining about the same issues, in this case logon duration, finding patterns can be key for identifying root cause. For example, using the Logon Duration details, you might be able to determine that widespread delays in logon duration ultimately stemmed from how long it took to copy over the policy files from the domain controller to the session host because users were using the local domain controller at the office rather than the one in the datacenter “next to” the Citrix environment. In this example, this could be discovered by analyzing the bottom section of the page, specifically Domain Controller Data is where the name of the domain controller that was used for authentication is displayed, and then the policy copy stages that followed.

Root Cause

In the example case demonstrated above, reviewing the logon duration metric trends resulted in identifying high group policy files processing. With deeper investigation, the root cause of the high logon times was the result of domain controller networking issues.